Using the SMTP Virtual Server to Implement Communication Between Different Email Systems
Tutorial Background:
Currently, there are two companies, xiaonuo and dreamfire. Each has deployed a domain environment and installed Exchange 2003, so internal staff can send emails to each other. However, each company's email system cannot yet communicate with external email systems. The requirement is now for the company's email system to exchange mail with external email systems.
Tutorial network topology:
Theoretical guidance:
The SMTP protocol is an Internet standard protocol used to transmit and deliver emails. The Exchange mail server uses the SMTP service provided by the Windows system as its native mail transport protocol, and communication between Exchange servers is carried out by the SMTP virtual server.
The SMTP virtual server is essentially an SMTP stack that gives Exchange a mechanism for managing SMTP. In most cases, the Exchange server uses a single SMTP virtual server instance to send and receive emails, and the email administrator can use "Exchange System Manager" to configure and control the SMTP virtual server.
Mail delivery analysis:
Email transmission between user A and user B stays within the local email system and is not subject to outbound/inbound policy restrictions. However, email transmission between user A and user C crosses to an external email system and is subject to outbound/inbound policy restrictions.
Complete process of user A sending an email to user C:
1. User A first uses an MUA to submit the mail to the SMTP virtual server of its MTA over the SMTP protocol;
2. After receiving the email sent by user A, the MTA first determines whether the recipient is local. If so, it saves the email to the local user's mailbox and waits for the user to retrieve it; if not, the MTA contacts the DNS server to resolve the domain part of the recipient address. Once the IP address is resolved, the message is sent over SMTP to the SMTP virtual server of user C's MTA.
3. After receiving the email, the SMTP virtual server of user C's MTA determines whether user C exists locally. If so, it saves the email in user C's mailbox and waits for the user to retrieve it.
4. User C uses an MUA to connect to the POP3 or IMAP4 virtual server of the local MTA over the POP3 or IMAP4 protocol to receive the email.
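The routing decision in step 2 (local mailbox versus MX lookup and hand-off) written out as an added example, not code from the tutorial or from Exchange. The DNS table is constructed for offline use and the 192.0.2.x addresses are assumed documentation values; the MX preference of 10 matches the default the tutorial mentions.

```python
"""Decide where an outbound message goes, as the tutorial's MTA analysis describes:
deliver locally if the recipient domain is ours, otherwise choose the mail exchanger
with the lowest MX preference whose address resolves and hand off over SMTP port 25."""

LOCAL_DOMAINS = {"xiaonuo.com"}  # domains this Exchange server accepts mail for

# Constructed stand-in for the two lab DNS servers (not real records).
DNS_TABLE = {
    ("dreamfire.com", "MX"): [(20, "backup.dreamfire.com"), (10, "mail.dreamfire.com")],
    ("mail.dreamfire.com", "A"): ["192.0.2.20"],      # preferred exchanger (assumed)
    ("backup.dreamfire.com", "A"): ["192.0.2.21"],    # less preferred exchanger (assumed)
    ("broken.example", "MX"): [(10, "mx.broken.example")],  # MX host has no A record
    ("nomx.example", "A"): ["192.0.2.30"],            # domain with no MX record at all
}

def lookup(name, rtype):
    """Minimal resolver over the constructed table; a real MTA would query DNS."""
    return DNS_TABLE.get((name.lower(), rtype), [])

def route(recipient, local_domains=LOCAL_DOMAINS, resolve=lookup):
    """Return ("local", mailbox), ("remote", host, ip, 25) or ("fail", reason)."""
    if recipient.count("@") != 1:
        return ("fail", "malformed address")
    mailbox, domain = recipient.rsplit("@", 1)
    domain = domain.lower()
    if domain in local_domains:
        return ("local", mailbox)
    # Lowest preference value is tried first; fall back to the domain's own A record
    # when no MX exists (RFC 5321 behaviour).
    hosts = [host for _, host in sorted(resolve(domain, "MX"))] or [domain]
    for host in hosts:
        addrs = resolve(host, "A")
        if addrs:
            return ("remote", host, addrs[0], 25)
    return ("fail", "no mail exchanger resolvable for " + domain)
```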
Tutorial steps:
1. Register the DNS zone and MX record
The SMTP virtual server depends on DNS to determine the IP address of the target server. Generally, internal DNS names are not published on the Internet. Therefore, the SMTP virtual server must be able to contact an external DNS server to resolve the mail exchanger (MX) record of the external email address.
If you want to enable external email sending and receiving in xiaonuo's email system, you should first submit a domain name registration application to the domain name registrar CNNIC to register the mail exchange (MX) record for this domain name.
Because the lab environment is limited, this experiment installs the DC, Exchange 2003 and DNS on a single host (in a real environment this is not recommended). The local DNS server stands in for a registered public DNS, and the MX record is created on the local DNS. So that each side can contact the other party's DNS server, the two DNS servers are pointed at each other's IP address.
First, create a host (A) record mail.xiaonuo.com in the xiaonuo.com zone on the DNS server, then create a mail exchanger (MX) record in the xiaonuo.com zone that refers to the host (A) record just created. The default priority of the mail server is 10; adjust it as the situation requires. The "Host or child domain" text box is left empty; we recommend that you do not enter any name there.
The setting method for the other DNS server is the same. The final mail exchange record is mail.dreamfire.com.
Then, set the forwarder of each DNS server to the IP address of the other DNS server.
After the settings are complete, open cmd to test the DNS server. First, run nslookup to check that the local DNS server answers queries. Then run "set type=mx" and test whether the MX records of both zones resolve correctly.
So far, the email system names of xiaonuo and dreamfire have been successfully registered, next we should configure the inbound settings for accessing the SMTP virtual server mail and the outbound settings for sending the mail. Take xiaonuo as an example:
2. Configure inbound mail settings
First, the email administrator uses "Exchange System Manager" to open the SMTP virtual server properties and configure Exchange.
On the "General" tab, it is best to select "Limit number of connections to", with a value based on the situation. This prevents spam or attacks from exhausting the SMTP virtual server's connections and blocking normal mail delivery. You can also select "Enable logging" to help analyze faults on some email servers.
On the "General" tab, click the "Advanced" button to check the TCP port and IP address binding of the SMTP virtual server. The SMTP protocol uses port 25 as the standard server port; do not change this setting.
Click "Authentication" under "Access" to confirm that the SMTP virtual server allows "Anonymous access". This means mail can be accepted without authentication; if this option is not selected, incoming mail must pass the configured authentication method. In practice it is rare to enter a user name and password when sending mail to other organizations; mail is generally delivered anonymously.
Click "connection" in "access" to add a range for access to this virtual server, which is generally used in a specific environment. By default, anyone can connect.
Select "Messages" in the "Exchange System Manager" SMTP virtual server properties to set message limits. The first two limits are not set by default; when set, they take precedence over the settings under "Message delivery". The following two parameters are the best values Microsoft has arrived at after extensive testing, and it is best not to change them.
3. Configure outbound mail settings
If you want the SMTP virtual server to send external mail, the mail administrator can use "Exchange System Manager" to configure the SMTP virtual server's outbound mail settings:
Select the "Delivery" tab in the "Exchange System Manager" SMTP virtual server properties, click "Outbound Security" and check "Anonymous access" to allow internal users to send emails anonymously.
Select the "Delivery" tab in the "Exchange System Manager" SMTP virtual server properties and click "Outbound connections" to view the outbound connection parameters. In general, it is recommended that you do not modify them.
Select the "Delivery" tab in the "Exchange System Manager" SMTP virtual server properties, click "Advanced" and select "Perform reverse DNS lookup on incoming messages" to reduce spam by 30% and block some spoofed email sources.
Select the "Delivery" tab in the "Exchange System Manager" SMTP virtual server properties, click "Configure" under "Advanced" and add an external DNS server IP address; the address entered here is the same as the forwarder address entered in DNS. You can enter multiple external DNS addresses here for higher reliability.
After the configuration is complete, add a user xiaonuo in the xiaonuo.com domain and create its mailbox and email address. Similarly, add a user dreamfire in the dreamfire.com domain and create its mailbox and email address. Then send an email from xiaonuo to dreamfire to test.